General
-
Target
SecuriteInfo.com.Win32.PWSX-gen.8053.6874.exe
-
Size
1.0MB
-
Sample
221118-m3dvdshb95
-
MD5
5ef1ddae8845fe10cc9ed22671721325
-
SHA1
640aa9f2924f6dd9f0ce4715afcdedd71b784cf8
-
SHA256
40b850fee63af78a35cd4f52c27b37d62879df299fb83c4f639d5efb9af1c283
-
SHA512
ed9eaae87a0b9bc6d8b83fa7884d527105c742645ebb6fc6e652b19028ba0529b1e220f17477f51f04b7d2e1b8897dd7e4a0a4330dd2bc7ec1579a974eef29ad
-
SSDEEP
24576:fBnG30YCoFO+M+eylRh1Q2hb1BOZyWlnjIcbfcSjZnbCkI:fBn+9Fu+jlaMb1BPWecTcSjZnbCkI
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Win32.PWSX-gen.8053.6874.exe
-
Size
1.0MB
-
MD5
5ef1ddae8845fe10cc9ed22671721325
-
SHA1
640aa9f2924f6dd9f0ce4715afcdedd71b784cf8
-
SHA256
40b850fee63af78a35cd4f52c27b37d62879df299fb83c4f639d5efb9af1c283
-
SHA512
ed9eaae87a0b9bc6d8b83fa7884d527105c742645ebb6fc6e652b19028ba0529b1e220f17477f51f04b7d2e1b8897dd7e4a0a4330dd2bc7ec1579a974eef29ad
-
SSDEEP
24576:fBnG30YCoFO+M+eylRh1Q2hb1BOZyWlnjIcbfcSjZnbCkI:fBn+9Fu+jlaMb1BPWecTcSjZnbCkI
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-